Users of AD Group not always recognized in MOSS 2007

From: Stefan Waalderbos <Stefan Waalderbos@xxxxxxxxxxxxxxxxxxxxxxxxx>
Date: Sat, 8 Nov 2008 23:39:01 -0800

We have a MOSS 2007 server connected to AD. The users logs in using ISA 2006
Kerberos. All authenticated users are member of the same AD security group.
During the login some of the users get a Unknown Error message.
When we add the user as a user to the authenticated users the authentication
succeeds mostly (so sometimes they still get the Unkown Error).

Also users who are member of the AD group and could login for over a time
suddenly can not login anymore. We investigated a lot in finding the course
of this problem.

What we now so far:
1. The login behaviour is not consistent (sometime they can login and
sometimes not)
2. The behaviour is not an security issue in AD
2. Testing the AD it is consistent
3. Testing with helper pages we see that the user gets authenticated in
SharePoint
4. Styles are not loaded in the situation that a get a unknown error

Can anybody help me finding and resolving this problem?

.

Prev by Date: Content Filtering
Next by Date: Event ID 7078 and 7079
Previous by thread: Content Filtering
Next by thread: Event ID 7078 and 7079
Index(es):
- Date
- Thread

Relevant Pages

Re: Repost: Local logon and Network Access settings
... think require network login since they are over the wire do in fact ... In the default situation, Authenticated Users ... is a member of User on a member machine, and, Users are granted ... user accounts that should be allowed to log into the machines in SomeOU. ...
(microsoft.public.windows.group_policy)
Re: Repost: Local logon and Network Access settings
... > think require network login since they are over the wire do in fact ... In the default situation, Authenticated Users ... > is a member of User on a member machine, and, Users are granted ... > user accounts that should be allowed to log into the machines in SomeOU. ...
(microsoft.public.windows.group_policy)
authenticated user dcom permission ok?
... Is there any reason that "Authenticated Users" cannot be added? ... Is SELF is a member of USERS which is a member of Authenticated Users? ... that same dcomcnfg popup (another tab next to Com Security). ... find how to add a user to that default Com Security" using WMI and VBScript. ...
(microsoft.public.windowsxp.security_admin)
Re: windows new users?
... the Authenticated Users group and the Interactive Users group are added to the Users group on Windows Server 2003 computers. ... A member of the Interactive Users group, whose credentials are trusted, can log on to the server interactively. ... automatically a member of the the interactive group, remove this account and no one will be able to logon locally. ...
(microsoft.public.windowsxp.setup_deployment)
Re: Problems with Security Policy accross trust
... GPO is implemented to lock the desktop down, if it will not pass from trust ... > or authenticated users can allow access to users from a trusted domain. ... Ipsec by default uses ... > kerberos authentication to create a security association before computers ...
(microsoft.public.security)